Initial CommitHEAD master

author: Sam Chudnick <sam@chudnick.com> 2023-06-25 09:52:36 -0400
committer: Sam Chudnick <sam@chudnick.com> 2023-06-25 09:52:36 -0400
commit: 95b73daa36b23565a8566f71f9b202d3459b685f (patch)
tree: cb17b021be70e7868d0ec235a761f0ecdc80f3f2 /data/searxng
3 files changed, 172 insertions, 0 deletions
diff --git a/data/searxng/searxng.conf b/data/searxng/searxng.conf
new file mode 100644
index 0000000..7102d60
--- /dev/null
+++ b/data/searxng/searxng.conf
@@ -0,0 +1,48 @@
+server {
+    listen 443 ssl;
+    ssl_certificate /etc/letsencrypt/live/chudnick.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/chudnick.com/privkey.pem;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    # Your server name
+    server_name searxng.chudnick.com;
+     
+    # If you want to log user activity, comment these
+    access_log /dev/null;
+    error_log  /dev/null;
+    # Security Headers
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Content-Type-Options "nosniff";
+    location = / {
+      return 302 https://$host/searxng;
+    }
+                
+    # Searx reverse proxy
+    location /searxng {
+                proxy_pass http://127.0.0.1:8080;
+                proxy_set_header   Host             $host;
+        proxy_set_header   Connection       $http_connection;
+        # see flaskfix.py
+        proxy_set_header   X-Scheme         $scheme;
+        proxy_set_header   X-Script-Name    /searxng;
+    
+        # see limiter.py
+        proxy_set_header   X-Real-IP        $remote_addr;
+        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
+    }
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name searxng.chudnick.com;
+        return 301 https://$host$request_uri;
+}
diff --git a/data/searxng/settings.yml b/data/searxng/settings.yml
new file mode 100644
index 0000000..6ff425f
--- /dev/null
+++ b/data/searxng/settings.yml
@@ -0,0 +1,74 @@
+# SearXNG settings, before editing this file read:
+#
+#     https://docs.searxng.org/admin/engines/settings.html
+use_default_settings:
+  engines:
+    remove:
+      - 1337x
+      - btdigg
+      - kickass
+      - nyaa
+      - piratebay
+      - solidtorrents
+      - tokyotoshokan
+      - z-library
+      - google
+general:
+  debug: false
+  instance_name: "SearXNG"
+search:
+  safe_search: 0
+  autocomplete: ''
+  default_lang: ''
+  formats:
+    - html
+server:
+  base_url: searxng.chudnick.com
+  secret_key: "changeme"  # change this!
+  image_proxy: true
+  limiter: false
+  http_protocol_version: "1.1"
+  default_http_headers:
+    X-Content-Type-Options: nosniff
+    X-XSS-Protection: 1; mode=block
+    X-Download-Options: noopen
+    X-Robots-Tag: noindex, nofollow
+    Referrer-Policy: no-referrer
+redis:
+  url: redis://redis:6379/0
+ui:
+  static_use_hash: true
+  results_on_new_tab: false
+  default_theme: simple
+  theme_args:
+    simple_style: dark
+enabled_plugins:
+  - 'Hash plugin'
+  - 'Search on category select'
+  - 'Self Informations'
+  - 'Tracker URL remover'
+  - 'Ahmia blacklist'
+engines:
+  - name: free software directory
+    disabled: false
+  - name: gitlab
+    disabled: false
+  - name: wiby
+    disabled: true
+  - name: hoogle
+    disabled: true
+  - name: mankier
+    disabled: true
diff --git a/data/searxng/uwsgi.ini b/data/searxng/uwsgi.ini
new file mode 100644
index 0000000..3aab8dd
--- /dev/null
+++ b/data/searxng/uwsgi.ini
@@ -0,0 +1,50 @@
+[uwsgi]
+# Who will run the code
+uid = searxng
+gid = searxng
+# Number of workers (usually CPU count)
+workers = 1
+threads = 1
+# The right granted on the created socket
+chmod-socket = 666
+# Plugin to use and interpreter config
+single-interpreter = true
+master = true
+plugin = python3
+lazy-apps = true
+enable-threads = true
+# Module to import
+module = searx.webapp
+# Virtualenv and python path
+pythonpath = /usr/local/searxng/
+chdir = /usr/local/searxng/searx/
+# automatically set processes name to something meaningful
+auto-procname = true
+# Disable request logging for privacy
+disable-logging = true
+log-5xx = true
+# Set the max size of a request (request-body excluded)
+buffer-size = 8192
+# No keep alive
+# See https://github.com/searx/searx-docker/issues/24
+add-header = Connection: close
+# uwsgi serves the static files
+# expires set to one year since there are hashes
+static-map = /static=/usr/local/searxng/searx/static
+static-expires = /* 31557600
+static-gzip-all = True
+offload-threads = %k
+# Cache
+cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1
author	Sam Chudnick <sam@chudnick.com>	2023-06-25 09:52:36 -0400
committer	Sam Chudnick <sam@chudnick.com>	2023-06-25 09:52:36 -0400
commit	95b73daa36b23565a8566f71f9b202d3459b685f (patch)
tree	cb17b021be70e7868d0ec235a761f0ecdc80f3f2 /data/searxng

diff --git a/data/searxng/searxng.conf b/data/searxng/searxng.conf new file mode 100644 index 0000000..7102d60 --- /dev/null +++ b/data/searxng/searxng.conf
@@ -0,0 +1,48 @@
	1	server {
	2
	3	listen 443 ssl;
	4	ssl_certificate /etc/letsencrypt/live/chudnick.com/fullchain.pem;
	5	ssl_certificate_key /etc/letsencrypt/live/chudnick.com/privkey.pem;
	6	ssl_stapling on;
	7	ssl_stapling_verify on;
	8
	9	# Your server name
	10	server_name searxng.chudnick.com;
	11
	12	# If you want to log user activity, comment these
	13	access_log /dev/null;
	14	error_log /dev/null;
	15
	16	# Security Headers
	17	add_header X-Frame-Options "SAMEORIGIN";
	18	add_header X-XSS-Protection "1; mode=block";
	19	add_header X-Content-Type-Options "nosniff";
	20
	21	location = / {
	22	return 302 https://$host/searxng;
	23	}
	24
	25	# Searx reverse proxy
	26	location /searxng {
	27	proxy_pass http://127.0.0.1:8080;
	28
	29	proxy_set_header Host $host;
	30	proxy_set_header Connection $http_connection;
	31
	32	# see flaskfix.py
	33	proxy_set_header X-Scheme $scheme;
	34	proxy_set_header X-Script-Name /searxng;
	35
	36	# see limiter.py
	37	proxy_set_header X-Real-IP $remote_addr;
	38	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	39
	40	}
	41	}
	42
	43	server {
	44	listen 80;
	45	listen [::]:80;
	46	server_name searxng.chudnick.com;
	47	return 301 https://$host$request_uri;
	48	}


diff --git a/data/searxng/settings.yml b/data/searxng/settings.yml new file mode 100644 index 0000000..6ff425f --- /dev/null +++ b/data/searxng/settings.yml
@@ -0,0 +1,74 @@
	1	# SearXNG settings, before editing this file read:
	2	#
	3	# https://docs.searxng.org/admin/engines/settings.html
	4
	5	use_default_settings:
	6	engines:
	7	remove:
	8	- 1337x
	9	- btdigg
	10	- kickass
	11	- nyaa
	12	- piratebay
	13	- solidtorrents
	14	- tokyotoshokan
	15	- z-library
	16	- google
	17
	18	general:
	19	debug: false
	20	instance_name: "SearXNG"
	21
	22	search:
	23	safe_search: 0
	24	autocomplete: ''
	25	default_lang: ''
	26	formats:
	27	- html
	28
	29	server:
	30	base_url: searxng.chudnick.com
	31	secret_key: "changeme" # change this!
	32	image_proxy: true
	33	limiter: false
	34	http_protocol_version: "1.1"
	35	default_http_headers:
	36	X-Content-Type-Options: nosniff
	37	X-XSS-Protection: 1; mode=block
	38	X-Download-Options: noopen
	39	X-Robots-Tag: noindex, nofollow
	40	Referrer-Policy: no-referrer
	41
	42	redis:
	43	url: redis://redis:6379/0
	44
	45	ui:
	46	static_use_hash: true
	47	results_on_new_tab: false
	48	default_theme: simple
	49	theme_args:
	50	simple_style: dark
	51
	52	enabled_plugins:
	53	- 'Hash plugin'
	54	- 'Search on category select'
	55	- 'Self Informations'
	56	- 'Tracker URL remover'
	57	- 'Ahmia blacklist'
	58
	59	engines:
	60	- name: free software directory
	61	disabled: false
	62
	63	- name: gitlab
	64	disabled: false
	65
	66	- name: wiby
	67	disabled: true
	68
	69	- name: hoogle
	70	disabled: true
	71
	72	- name: mankier
	73	disabled: true
	74


diff --git a/data/searxng/uwsgi.ini b/data/searxng/uwsgi.ini new file mode 100644 index 0000000..3aab8dd --- /dev/null +++ b/data/searxng/uwsgi.ini
@@ -0,0 +1,50 @@
	1	[uwsgi]
	2	# Who will run the code
	3	uid = searxng
	4	gid = searxng
	5
	6	# Number of workers (usually CPU count)
	7	workers = 1
	8	threads = 1
	9
	10	# The right granted on the created socket
	11	chmod-socket = 666
	12
	13	# Plugin to use and interpreter config
	14	single-interpreter = true
	15	master = true
	16	plugin = python3
	17	lazy-apps = true
	18	enable-threads = true
	19
	20	# Module to import
	21	module = searx.webapp
	22
	23	# Virtualenv and python path
	24	pythonpath = /usr/local/searxng/
	25	chdir = /usr/local/searxng/searx/
	26
	27	# automatically set processes name to something meaningful
	28	auto-procname = true
	29
	30	# Disable request logging for privacy
	31	disable-logging = true
	32	log-5xx = true
	33
	34	# Set the max size of a request (request-body excluded)
	35	buffer-size = 8192
	36
	37	# No keep alive
	38	# See https://github.com/searx/searx-docker/issues/24
	39	add-header = Connection: close
	40
	41	# uwsgi serves the static files
	42	# expires set to one year since there are hashes
	43	static-map = /static=/usr/local/searxng/searx/static
	44	static-expires = /* 31557600
	45	static-gzip-all = True
	46	offload-threads = %k
	47
	48	# Cache
	49	cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1
	50